Prev: Managing bounces/undeliverable properly
Next: Directing SPAM mail to a Junk Folder
From: "Schwalbe, Oliver" on 25 Mar 2010 02:00
Hi community,

in the last time i have some problems with smtp-senders who are blocked by dnsbl-lists like
uceprotect.net. The owner of the mailservers assured me not to generate and send any SPAM.
How can i implement a whitelist for some friendly senderdomains to bypass the reject_rbl_client rule?

Here my smtp_recipient_restrictions entries:

smtp_recipient_restrictions=permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.njabl.org,
reject rbl_client dnsbl-1.uceprotect.net
permit


Thanks for help!

Oliver


<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />



From: Ralf Hildebrandt on 25 Mar 2010 03:18
* Schwalbe, Oliver <Oliver.Schwalbe(a)schnellecke.com>:
> Hi community,
>
> in the last time i have some problems with smtp-senders who are blocked
> by dnsbl-lists like uceprotect.net.
> The owner of the mailservers assured me not to generate and send any
> SPAM. How can i implement a whitelist for some friendly senderdomains
> to bypass the reject_rbl_client rule?
>
> Here my smtp_recipient_restrictions entries:
>
> smtp_recipient_restrictions=permit_mynetworks,
> reject_invalid_hostname,
> reject_non_fqdn_hostname,
> reject_non_fqdn_sender,
> reject_unknown_sender_domain,
> reject_unknown_recipient_domain,
> reject_unauth_pipelining,
> reject_unauth_destination,
> reject_rbl_client zen.spamhaus.org,
> reject_rbl_client bl.spamcop.net,
> reject_rbl_client dnsbl.njabl.org,

check_client_access hash:/etc/postfix/whitelist

> reject rbl_client dnsbl-1.uceprotect.net
> permit

with:

IP OK

Or rather remove dnsbl-1.uceprotect.net, since they really suck.

--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebrandt(a)charite.de | http://www.charite.de


From: Ralf Hildebrandt on 26 Mar 2010 19:12
* Schwalbe, Oliver <Oliver.Schwalbe(a)schnellecke.com>:
>
> Hallo Herr Hildebrandt,
>
> Danke für die schnelle Rückantwort.
> uceprotect.net habe ich als erste Maßnahme schon deaktiviert, würde aber ganz gerne wieder darauf
> zurückkommen.
> Ich bräuchte aber noch genauere Informationen, wo ich IP ok hinterlegen muß.
> Muß ich dafür eine eigene Datei anlegen und darauf verweisen?

Yes, like I wrote in my answer:
--->check_client_access hash:/etc/postfix/whitelist

echo "IP OK" > /etc/postfix/whitelist
postmap /etc/postfix/whitelist

--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebrandt(a)charite.de | http://www.charite.de


 | 
Pages: 1
Prev: Managing bounces/undeliverable properly
Next: Directing SPAM mail to a Junk Folder